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Abstract. A new framework for presenting and analyzing the function- 
ality of a modern DLL-based SAT solver is proposed. Our approach 
exploits the inherent relation between backtracking and resolution. We 
show how to derive the algorithm of a modern SAT solver from DLL step- 
by-step. We analyze the inference power of Boolean Constraint Propaga- 
tion, Non-Chronological Backtracking and lUIP-based Conflict-Directed 
Backjumping. Our work can serve as an introduction to a modern SAT 
solver functionality and as a basis for future work on the inference power 
of a modern SAT solver and on practical SAT solver design. 



1 Introduction 

Propositional satisfiability (SAT) is the problem of determining for a formula 
in propositional calculus, whether there exists a satisfying assignment for its 
variables. This problem belongs to a large family of NP-complete problems. 
SAT has numerous applications, e.g. in formal verification [21]. Modern complete 
SAT solvers, based on the original backtrack search algorithm DLL [5], are able 
to efficiently solve SAT instances arising in real-world applications. DLL was 
studied and enhanced over the years (see [11] for an overview), however a major 
breakthrough was made by the authors of the GRASP SAT solver [24] , making it 
practically efficient. GRASP introduced a number of innovations in backtracking, 
united under the title, "conflict analysis" . These algorithms were further refined 
in the Chaff solver [17]. 

Chaff's conflict analysis, inherited by the most modern SAT solvers (e.g. 
Minisat [10]), includes the following enhancements to DLL: (1) Boolean Con- 
straint Propagation (BCP) [6]; (2) Non-Chronological Backtracking (NCB) [24]; 
(3) lUIP-based Conflict-Directed Backjumping (CDB) [17]; and (4) lUIP-based 
Conflict Clause Recording (CCR) [17].'^ In the existing literature on practical 
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SAT solver design, including [24,17], the above-mentioned algorithms are con- 
sidered to be interdependent; they arc described and examined together by the 
means of implication graph analysis [24] . 

We show how to add these four enhancements to basic backtracking individ- 
ually and independently to derive a full-fledged modern solver. Our work can be 
used as a guide for implementing a modern SAT solver by carrying out a well- 
defined sequence of steps, summarized in the conclusion, which also includes 
references to papers on data structures and heuristics for SAT, not discussed 
here. 

Proof (inference) systems can be compared in terms of the sizes of the shortest 
proofs (refutations) they sanction [4]. We say that Q is at least as strong as P 
{Q < P) if every unsatisfiable CNF formula has a refutation in Q that is no 
longer than the minimal refutation in P. (This is a quasi- ordering.) We say that 
P and Q are equally strong {P ~ Q) if minimal refutations of every formula 
are of the same size. A proof system Q p-simulates P if every formula has a 
refutation in Q that is at most polynomially longer than P's. 

General resolution is one of the most popular and simplest automatable proof 
systems. Tree-like resolution (TLR) is a restricted version, wherein a proof takes 
the form of a tree, rather than a directed acyclic graph (dag). The size of a 
resolution refutation is the number of resolvent clauses generated. DLL-based 
solvers can also be seen as proof systems, where the size of a proof is the number 
of decisions made. 

The inference power of DLL with Conflict Clause Recording has been an- 
alyzed in a number of recent works [2,13,15]. In particular, in [2] it is shown 
that DLL with CCR and unlimited restarts p-simulates general resolution, where 
"restarts" [14] is the technique that allows for restarting the search at any de- 
cision point, keeping conflict clauses. However, inference power results depend 
strongly on the underlying formalization of DLL and CCR. In particular, it has 
been observed in [15] that the formalization of CCR, used in [2], was too gen- 
eral. It allowed the algorithm to continue the search, even if one of the clauses 
is falsified by the current assignment. Reference [15] used another model, under 
which the solver is forced to use BCP and backtracking once a falsified clause is 
identified, and proved that DLL with CCR can "effectively" p-simulate general 
resolution in a sense made precise in [15]. The problem of whether or not DLL 
with CCR can p-simulate general resolution remains open. 

Our framework should be helpful for future work on analyzing the power of 
DLL with Conflict Clause Recording, but we concentrate on analyzing the power 
of other algorithms, implemented in modern SAT solvers. To the best of our 
knowledge, the inference power of BCP, lUIP-based CDB and NCB has never 
been examined in literature. (This is surprising, since these algorithms arc widely 
used in modern SAT solvers.) We demonstrate that DLL with lUIP-based CDB, 
DLL with NCB, plain DLL and TLR are equally strong. We show that although 
DLL with BCP p-simulatcs DLL, there is a formula whose shortest refutation in 
DLL with BCP is linearly longer than in DLL. We also show that DLL is at least 
as strong as DLL with NCB, lUIP-based CDB and BCP, intuitively meaning 
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that a SAT solver without Conflict Clause Recording is not stronger than DLL 
or TLR. Our results follow from simple analysis of the impact of each algorithm 
on the resolution refutation construction. 

A fundamental enhancement to the DLL algorithm that should be added 
before others is parent clause maintenance.^ A modern SAT solver associates 
every flipped literal with a parent clause - a clause, composed of the flipped literal 
and a disjunction of a subset of previously assigned literals, negated. Intuitively, 
the parent clause is a sufficient reason for the flip. It is derived by resolution 
upon backtracking. A fundamental notion, which we will base our analysis on, 
is parent resolution of a flipped literal, that is, the resolution derivation of the 
parent clause. 

In previous work [8] , we proposed comparing and enhancing k^arning schemes 
for a modern SAT solver by understanding it as a decision-tree construction 
engine. The current work is based on the well-studied and more general concept 
of resolution-refutation. In [8] , we introduced the notion of decision tree pruning, 
where "backward pruning" reduces the size of the newly generated left decision 
subtree and "forward" pruning is a measure for the impact of the Conflict Clause 
Recording scheme on the subsequent search. The empirical advantage of the 
lUIP scheme over other schemes was justifled by showing that it contributes to 
backward and forward pruning more than other schemes do - both analytically 
and empirically. This result can easily be understood in the new framework, 
where the "left decision subtree" of [8] corresponds to the parent resolution of 
a flipped literal, and the notion of reducing the number of left decision subtree 
nodes corresponds to reducing the size of a newly generated parent resolution. 
Here, we reflect on the contribution of the described algorithms to backward 
search pruning, relating our analysis to the results of [8] . 

Nieuwenhuis et al. [20] provide a formalization of modern complete SAT 
algorithms, allowing one to formally reason about their basic properties, such 
as completeness and termination, in a simple way. Their formalism allows one 
to easily extend DLL to serve as a basis for algorithms for Satisfiability Modulo 
Theories (SMT). Our framework is different in that it is meant to be used for 
practical SAT solver research and proof complexity considerations 

Section 2 provides basic definitions. Sections 3 5 show how to construct a 
modern SAT solver starting from Total Assignment Enumeration. We give some 
results on inference power and analyze the contributions of various algorithms 
to backward search pruning. This is followed by conclusions. 

2 Definitions 

We denote (propositional) variables by lowercase Latin letters. A literal is a 
variable v or its negation -^v. The Boolean values are denoted 1 and 0. For 
variable v and Boolean value a, v" is the corresponding literal; that is, v"^ = v and 
= -iv. A Conjunctive Normal Form ( CNF) formula is a set (or conjunction) 

^ This concept can be traced back to the "assertion clause" of [24] . 
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of clauses {Ci, . . . , Cm}, each clause being a disjunction (or multiset) of literals. 
We assume that the input formula does not contain the empty clause □. 

A clause C is a resolvent of clauses Di and D2 on pivot variable v G Di, 
denoted C = Di D2, if e D2, and C = i:>i U D2 \ {v, ^v}. Resolvent C is 
non-trivial if Di and D2 are non- redundantly resolvable, in the sense that there 
is a pivot variable v = pivot{Di,D2), such that the resolvent of Di and D2 on 
t; is not a tautology. 

A general resolution refutation of a given formula a = {Ci, . . . , Cm} is a dag 
Ga = (q U {C„i+i, . . . . Cm+„} . -B), whose nodes arc (associated with) clauses 
C'i and whose edges E represent rcsohition relations between clauses. Nodes 
corresponding to initial clauses are the sources of the graph. Each non-source 
node Ci is associated with a pivot variable pi. Each edge {i,j) G E, from node 
Ci to Cj, has an associated Boolean value T{i,j) and a status 5{i,j), which can 
either be L or R, standing for left and right, respectively.^ Each non-source node 
Ci has two incoming edges (j, i) and {k,i), associated with opposite Boolean 
values and opposite statuses. Nodes at the other side of a left or right incoming 
edge are called the left and right child of Ci, respectively. Clauses Cj and Ck 
are non-redundantly resolvable on pi and T{j,i) = p iff p^'' G Cj. A resolution 
refutation is complete if the last clause Cm+n is the empty clause □; otherwise, it 
is partial. The size of a resolution refutation is the number of non-source nodes. 

An example of a general resolution refutation, of size 4, appears in Fig. 1(a). 
The corresponding resolvent clause appears at each non-source node. The pivot 

Tie) 

variables are not shown; instead, the literal p^ ^ ' labels each edge e. 

A tree-like resolution (TLR) refutation of a formula a is a resolution refuta- 
tion G, such that a non-source clause appears on each path from a source to the 
target clause only once. In other words, G without the source nodes forms a tree. 
A regular resolution refutation of a is a general resolution refutation, such that 
pivot variables along each particular path from a source to □ are different. Each 
node Ci of a valid resolution refutation G is referred to as a root of a tree-like 
resolution refutation, if Ci is a root of a tree in G with only non-source nodes, 
in which case G is a resolution derivation of Gj. 

3 SAT Solver Skeleton 

Modern SAT solvers arc rooted in Total Assignment Enumeration (TAE) - a 
DFS search in the assignment space, checking the satisfiability of each clause only 
after all variables assigned. The only difference between the DLL algorithm [5] 
and TAE is that DLL checks satisfiability of each clause after every assignment. 
Both TAE and DLL can be viewed as proof systems for unsatisfiable formulas. 
We define the proof size for both algorithms as the number of decisions, where 
fiip operations are not considered to be decisions. 

Proposition 1. TAE does not p-simulate DLL. 
® Status values make sense in the context of tree-like resolution. 
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Algorithm 1 SAT Solver Skeleton (SSS) 



1: Instance := {Ci , C2, . . - , Cm} 
2: d:=0 

3: G := InitResolutionRefutation(Instance) 
4: loop 

5: NewParent := none 
6: d:=d+l 

7: {vd;Od) ChooseNewLiteral{vi, . . . ,Vd-i) 
8: LRStatus{d) := L 
9: if a\:d{Instance) = 1 then 
10: return satisfiable 

11: while 31 € InstanceU {NewParent} : a\:d{Ci) = do 

12: Parent{d) := I 

13: CTd := -i(Tti 

14: LRStatus{d) ■- R 

15: if 3r £ Instance : ai:d{Cr) = then 

16: NewParent := r 

17: while d> and (LRStatus{d) = R or IJ^ ^ C NewParent) do 

18: if LRStatus{d) = R and tirf"^** £ CNewParent then 

19: NewParent := AddNode{G, Par ent{d), NewParent, Vd) 

20: d := d - 1 

21: if d = then 

22: return unsatisfiable 



Proof. Consider the formula a A -la over n variables. The size of the shortest 
DLL proof is 1. The size of any TAE proof is 2" - 1. □ 

Algorithm 1, which we refer to as the SAT Solver Skeleton (SSS), is an 
implementation of DLL, enhanced by parent clause and parent resolution main- 
tenance. 

First, we depict the general flow of Algorithm 1. The algorithm comprises 
three loops: the main loop (starting at line 4), the conflict analysis loop (line 11) 
and the backtracking loop (line 17). Each iteration of the main loop increases the 
decision level d and assigns an unassigned decision variable vj, to some value aa- 
If the formula is satisfled, the algorithm returns. Otherwise, if none of the clauses 
is falsified by the current assignment cri:^, the main loop continues. (We denote 
by CTi-d the partial assignment induced by assignments to decision variables cor- 
responding to decision levels 1 . . .d.) If one of the clauses Ci is falsifled by ai-d, 
the algorithm enters the conflict analysis loop. In this case, we say that a conflict 
takes place in a blocking clause Ci. The conflict analysis loop continues working 
until a new decision is required or the formula is proved to be unsatisfiable. As a 
first step, it flips the value of Vd- If no conflict follows, a new decision is required 
and the algorithm exits the confiict analysis loop and returns to the main loop. If 
a confiict follows, the algorithm enters the backtracking loop. The backtracking 
loop is responsible for backtracking to the lowest possible decision level d, whose 
decision variable can be fiipped. The backtracking loop may also prove that no 
such decision level exists, in which case the formula is unsatisfiable. 
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Fig. 1. Examples for a = (a V 6) A (-.6 V c) A (-.6 V -ic) A (-.a V b) and a' = a A (a V -.6) 



A decision level is left before its decision variable has been flipped, and right 
after. The status of each decision level d is maintained in LRStatus{d) in Al- 
gorithm 1. The algorithm maintains a parent clause Parent{d) for each right 
decision level d, which must be a logical consequence of the initial formula, and 
it must consist of the literal v'^'' and a subset of literals, falsified by ai;d-i- 
Intuitively, the parent clause explains why vj. was flipped. It can be seen as an 
implication a =^ Vd, where a is a conjunction of a subset of variables assigned be- 
fore Vd- The parent clause is derived by tree- like resolution during backtracking. 
The derivation of the parent clause is the parent resolution of Vd- The following 
two invariants must hold throughout execution of SSS: 



1. Flip-consistency: For each right decision level d, Parent{d) is a valid par- 
ent clause. 

2. Resolution-consistency: G is a valid TLR refutation; and for each right 
decision level d, the node Parent{d) is a root of a valid tree-like resolution 
refutation. 



Now we describe the parent resolution and parent clause creation process, 
demonstrating that the two invariants hold.^ The parent clause is set for each 
flip at the beginning of the conflict analysis loop (line 12). Suppose that we 
are in the flrst iteration of the conflict analysis loop. The clause Ci G Instance 
is falsified by ai-d before the flip. (Note that NewParent, whose usage will be 
described shortly, is always none at the first iteration of the confiict analysis 
loop.) It is easy to check that C; is a valid parent clause and it is the root of a 
trivial tree-like resolution refutation. 

Now we analyze the case when the parent clause is created by the backtrack- 
ing loop. Suppose that there is a conflict after the flip, made during the flrst 

® For a formal proof, see [19]. 
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iteration of the conflict analysis loop. The backtracking loop maintains a back- 
tracking clause NewParent. Each iteration of the backtracking loop maintains 
the backtracking invariant: ai;d-i{NewParent \ {v^'^''}) = and NewParent is 
a root of a tree-like resolution refutation. Observe that if the backtracking in- 
variant holds, then the flip-consistency and the resolution-consistency invariants 
will hold after the backtracking loop finishes. 

Before the first iteration, the backtracking clause is initialized to the newly 
discovered blocking clause. The parent clause of d and the blocking clause, en- 
countered after flipping Vd, are non-redundantly resolvable. Thus, a new valid 
node is added to G by the algorithm.^ The resulting clause Parent{d) (g)"'' 
NewParent becomes the new backtracking clause. When the algorithm visits 
a decision level d on subsequent iterations of the backtracking loop, one of the 
following cases happen: 

1. The decision level d is 0. In this case, the formula is unsatisfiable, and the 
backtracking clause must be □ by the backtracking invariant. 

2. The decision level d is left and the negation of its decision literal belongs 
to the backtracking clause {LRStatus{d) = L and v'^'^'^ £ C NewParent)- The 
backtracking loop terminates as it has found a variable to flip and has built 
its parent clause and resolution. 

3. The decision level d is right and v'^'^'^ € C NewParent- The backtracking loop 
resolves the parent clause of d with the backtracking clause to receive a new 
backtracking clause. One can easily verify that: (1) Cparent(d) and CNewParent 
are non-redundantly resolvable with pivot variable v^; (2) the new back- 
tracking clause must be falsified by ai^d-i, and it must be a root of a TLR 
refutation. 

4. The decision level d is left and w^'^'' ^ C NewParent- In this case, the back- 
tracking loop of SSS does not flip Vd and continues backtracking. Indeed, 
the backtracking clause must be falsified by ai-d-i; thus there is no satisfy- 
ing assignment under v\ = ai, . . . , Vd-i = ad-i,Vd = ^<Td- The behavior of 
our algorithm in this case shows the difference between SSS and plain DLL, 
which flips every left decision variable. 

5. The decision level d is right and v'^'^'' ^ CNewParent- The algorithm back- 
tracks to the next decision level without carrying out the resolution opera- 
tion. We say that resolution backward pruning takes place in this case. We 
relate search pruning to the ability of the algorithm to reduce the number of 
nodes in the final resolution refutation of the formula. In our case, the par- 
ent resolution of Vd is not included in the derivation of the new backtracking 
clause; thus it will not be included in the derivation of the newly flipped 
variable, which in turn means that it will not be included in the final reso- 
lution refutation of the formula. Resolution backward pruning corresponds 
to one of the three cases of backward tree pruning of [8] ( "skipping of inac- 
tive If- variables, not connected to the conflicting clause vertices"). We will 

The function AddNode takes a valid resolution refutation G, a left son, a right son 
and a pivot variable, and creates a new node in G, returning its index. 
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encounter the other two types of backward pruning when discussing NCB 
and lUIP-based CDB. 

Consider the snapshot of an SSS invocation after the second conflict in 
Fig. 1(d). The current decision level is 3. In the first iteration of the backtrack- 
ing loop, a new clause -16 = -16 V c (8)'^ V -ic is created and the decision level 
becomes 2. The right decision variable a does not appear in the newly created 
clause; hence backward pruning takes place. Backtracking continues and no new 
clause is created inside the backtracking loop during this iteration. The back- 
tracking stops at decision level 1, as the clause -b will be a valid parent clause 
after flipping the variable h. The situation that results after the flip appears in 
Fig. 1(e). The bottom- left part of the figure, which includes nodes with clauses 
and arrowed edges, represents the parent resolution of h, created by the back- 
tracking loop. Note that the parent resolution of -la, which consists of the single 
clause a V -16, does not appear in the new parent resolution. Another example 
of backtracking and flipping is the transformation from Fig. 1(b) to Fig. 1(c). 

4 A Tree-Like SAT Solver 

Next, we show how to augment Algorithm 1 with Boolean Constraint Propaga- 
tion, lUIP-based Conflict-Driven Learning and Non- Chronological Backtracking 
- separately and independently. We analyze the inference power of each algo- 
rithm. We begin by showing that Algorithm 1, DLL and TLR are equally strong. 

4.1 The Power of SAT Solver Skeleton 

The only difference between SSS and DLL in terms of search space exploration 

is the fact that DLL flips every left variable, whereas SSS may skip flipping some 
variables. We show that parent clause and resolution maintenance do not change 
the inference power of DLL. It remains the same as TLR.^ This observation 
means that parent clause and resolution maintenance is a heuristic, enabling the 
flnding of shorter proofs by compressing a proof on-the-fly. 

Proposition 2. TLR ~ SSS ~ DLL. 

Proof. We consider DLL to be a simplified version of Algorithm 1, which flips 
every left decision variable and does not maintain parent clauses and resolution 
refutations. We will prove in turn that: TLR > SSS; SSS > DLL; DLL > TLR. 

Consider the shortest tree-like resolution refutation H of size k of any un- 
satisfiable formula. We show that there exists an SSS invocation, whose size is 
at most k. We let the SSS algorithm explore the reversed dag in a depth-first 
(DFS) manner, starting with □ assigning literals, associated with the edges of 
H. We denote the currently visited node of H by Ch- We enforce the SSS algo- 
rithm to always choose clauses appearing at the leaves of H as blocking clauses 

* The fact that DLL is identical to TLR is well-known. 
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in case of ambiguity. It is sufficient to show that the following invariants always 
hold: (1) A conflict is encountered by SSS iff a leaf of H is reached; (2) SSS will 
flip exactly the variable that DFS backtracks to. First, observe that the second 
invariant must hold unless the flrst one is violated. Indeed, the backtracking 
clause must be the visited clause of H, given that H is a valid TLR rcifutation. 
Second, note that if a leaf of H is reached, a conflict must be found by SSS 
in Ch, since all the literals of Ch are assigned by construction. Finally, we 
show that if a conflict is found by SSS in a clause D, then Ch must be a leaf. 
Suppose to the contrary, Ch is not a leaf. Denote the only path from Ch to □ 
by M = {Ml, . . . , Mfe}, where Mi = Ch and Mk = □. Then, the following oper- 
ations would transform H to a TLR refutation shorter than H: (1) Replace Ch 
by -D in iJ and delete the derivation of Ch from H. This operation decreases the 
size of H, however H is no more a TLR, unless Ch = D; hence we need to "fix" 
it. (2) For every literal / G D \Ch, augment every clause of M with I starting 
with Ml = Ch, until a node with pivot variable I is reached. The last condition 
must hold, since otherwise / would not be assigned; (3) Remove the literals of 
Ch\D from the clauses of M. This step might leave unnecessary nodes in M 
- nodes, one of whose sons does not contain the pivot variable. (4) Remove the 
unnecessary nodes from M together with the resolution derivation of the son 
that does not appear in M . 

Now consider the shortest SSS invocation of size k. There exists a DLL 
invocation of at most the same size, since the shortest invocation of SSS must 
flip every left variable. Indeed, if a left variable h was skipped, then not making 
this decision would result in an SSS invocation of size fc — 1. 

Finally, consider the shortest DLL invocation. We show that there exists a 
TLR refutation of at most the same size. Consider an invocation of SSS taking 
the same decisions. Such SSS invocation is valid, and it refutes the given formula, 
since it a left decision level cannot be skipped, otherwise the DLL invocation 
would not be the shortest one. SSS outputs a tree-like resolution of at most the 
same size, since any node of the TLR refutation corresponds to a backtracking 
step, and backtracking steps correspond to decisions in a one-to-one manner. □ 

4.2 Boolean Constraint Propagation (BCP) 

A clause C is a unit clause at decision level d if C evaluates to a lone literal 
under ai-d- 

Boolean Constraint Propagation (BCP) is the following process, carried out 
by the solver at each decision point: If there is a unit clause C at level d, pick the 
opposite literal v'^'' as the next decision. Observe that the algorithm would then 
encounter a conflict and would flip the value of v automatically in the conflict 
analysis loop. It is accepted in the literature to refer to C after this operation as 
a parent clause of an implied literal v^. In our formulation, implied literals are 
treated as regular flipped decision variables, in contrast to the separation between 
decision and implied variables. This approach allows us to avoid implication 
graph terminology. 
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It is widely accepted that BCP helps accelerate modern SAT solvers, though 
it typically consumes 80-90% of a solver's run-time [17]. The added value of BCP 
is that it allows the solver to quickly propagate information and find conflicts. 
However, this claim is accurate only when unit clauses, identified by BCP, are 
relevant for the resolution process. Wc show below that BCP can decrease the 
inference power of DLL by a linear factor; therefore, at least in some cases, BCP 
may slow down the solver by making unnecessary propagations. Nevertheless, as 
wc will sec, the damage is never exponential. 
To implement BCP, do the following: 

BCP (invoked instead of line 7 of Algorithm 1): 

if 3Ci € Instance : Cj is a unit clause at d then 

{Vd, (Td) ■■= {V, -'P) 

else 

{vd, <^d) '■= ChooseNewLiteral{vi, . . . , v^-i) 

Proposition 3. There is a formula whose shortest refutation in DLL with BCP 
is linearly longer than in DLL. 

Proof. Consider a formula consisting of (1) eight clauses, each of size 3, cor- 
responding to all possible disjunctions between literals of variables: a, 6, c, and 
(2) the following set of k clauses for each literal p £ D = {a,b,c,^a,^b,^c}: 
CP = (pVl5')A(-Zrvlf)A(-lfv;f)A...A(-l^_iV/^). The variables Lf = Z^} 
are fresh variables for each of D's literals. 

Clearly, there exists an invocation of DLL refuting the formula with 7 de- 
cisions, which ignores clause set (2). BCP, however, forces k additional, useless 
inferences. More specifically, if p is the first literal of D that is assigned, then all 
the literals of L^p are assigned either before p or as a result of BCP, after p's 
assignment. 

The complexity of every invocation DLL-I-BCP on this example is $7(3 -|- 
6k), compared with constant complexity of DLL. Hence, our formula linearly 
separates DLL from DLL-I-BCP. □ 

Proposition 4. DLL + BCP p-simulates DLL. 

Proof. BCP may add only a linear number of decisions per leaf. □ 
4.3 Non- Chronological Backtracking (NCB) 

Non-Chronological Backtracking (NCB) is a backward pruning technique, ap- 
plied immediately after a new variable for fiipping is discovered by the back- 
tracking loop. 

Suppose that the algorithm is about to flip a certain left decision variable 
Vd after flnding a corresponding parent clause C;. It may be the case that C; 
would still be a parent clause, consisting of Vd and falsified literals, even if one 
decreased d prior to the flip operation undoing some of the previously made 
decisions. NCB is the process of backtracking to a highest decision level g, so 
that Ci is still a parent clause. 
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After the above-described operation, the NCB implementation of Chaff also 
increases d up to the closest left decision level. This step is carried out so as not 
to redo BCP. To implement NCB, do the following: 

Non-Chronological Backtracking (NCB) (invoked just before line 12): 

g := Minimal g, such that (J\:g{Ci \ {v^"'^}) = 

g := First left decision level > g — l{An optional step} 

Vg+i := Vd.; Ug+i := ad;d:= g + 1 
The NCB algorithm induces the second type of backward search pruning, 
which we call NCB backward search pruning ("skipping lu- variables" in [8]). 
Recall that we have introduced resolution backward search pruning in Sect. 3. If 
there exist right decision levels between g and d, the algorithm does not include 
their parent resolutions in the parent resolution of the flipped variable; thus 
these parent resolutions will not be part of the final resolution refutation of the 
given formula. 

Figure 1(f) shows the effect of NCB. A snapshot of an SSS invocation after 
the first confiict is depicted on the left-hand side. The algorithm identifies the 
fact that it can flip the value of variable b at decision level 2, rather than at 3, 
since the conflict does not depend on the value of c. Hence, it unassigns c before 
the flip. The situation that results appears on the right-hand side of Fig. 1(f). 
Observe that NCB backward pruning does not occur in this example, since the 
algorithm does not skip right decision levels. 

Now we show that NCB does not change the inference power of SSS. 

Proposition 5. SSS + NCB - DLL. 

Proof. NCB cannot be applied in a shortest SSS invocation, since this would 
yield the existence of decisions that could be skipped by the shortest invocation 
of SSS, which is impossible. Thus, an invocation of SSS with NCB taking the 
same decisions as a shortest SSS invocation is valid. (No actual points for making 
a Non-Chronological Backtracking exist.) On the other hand, SSS with NCB 
always generates a TLR refutation of at most the same size. □ 

4.4 lUIP-based Conflict-Directed Backjumping (CDB) 

lUlP-based Conflict-Directed Backjumping (CDB) is yet another backward 
search pruning technique. 

A Unique Implication Point (UIP) [24] is a well-known concept, whose name 
is rooted in the implication-based approach to conflict analysis. First, we express 
this notion in our framework. 

A left decision block of a left decision level h, LDB{h) is a subset of decision 
levels that includes h and every right decision level, assigned after h, but before 
the next left decision level (if available).^ 

Suppose that the SSS is backtracking over a decision level d. Let g be the 
highest left decision level. A right decision variable Vd is a Unique Implication 

^ Our definition of decision level corresponds to that of GRASP [24]. Chaff's [17] 
decision level is what we call a left decision block. 
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Point (UIP), if Vd is the only variable assigned at LDB{g) that appears in the 
backtracking clause NewParent. Backtracking may find more than one UIP. UIPs 
are counted according to their order during the backtracking phase. 

lUIP-based CDB is the following technique: once the first UIP (lUIP) vari- 
able Vd is discovered during backtracking, continue as if Vd was a left decision 
variable, assigned instead of Vg, whose parent clause is the current backtracking 
clause. One way to think about lUIP-based CDB is as substituting the decision 
Vg by Vd a-posteriori. Note that a left decision variable can never be a UIP in 
our notation. 

This is implemented as follows: 

lUIP-based CDB (invoked just after line 20): 

g := Highest left decision level 

if v'^"'' e C NewParent and ai:g-i{C NewParent \ {Vd"''}) = then 

Vg ■= Vd; (Jg ■= (Td'i Parent{g) = NewParent; d:= g 

See the transformation of Fig. 1(b) into Fig. 1(e) for an example of the effect 
of lUIP-based CDB. After the algorithm learns a new resolvent clause -^b during 
backtracking, it discovers that it contains only one variable, b, assigned after the 
highest left decision level 1. So, it substitutes b for -la. The parent clause and 
parent resolution are updated to the backtracking clause and its derivation. 

lUIP-based CDB induces the third type of backward search pruning, which 
we call UIP backward search pruning ("skipping of inactive If- variables, con- 
nected to the conflicting clause vertices, but not dominated by the pivot vari- 
able" [8]). Consider a right variable Vj of the last left decision block, such that 
j < d, where d is the decision level of the UIP variable. Its parent resolution is 
not included in the newly derived parent resolution; thus it will not be included 
in the final resolution refutation. In our example, the parent resolution of -16 
that consists of a single clause a V 6 is pruned. We underscore the fact that 
we do not consider lUIP-based Conflict Clause Recording in this section, but 
only lUIP-based CDB. We will see that these two concepts are not necessarily 
related. 

The inference power of SSS with lUIP-based CDB remains the same. 
Proposition 6. SSS + lUIP-based CDB ~ DLL. 

Proof. SSS with lUIP-based CDB is not more powerful than SSS, since it always 
produces a TLR refutation of at most the same size, and TLR ~ SSS by Prop. 2. 

Consider now a shortest SSS invocation (equal in size to a shortest DLL 
invocation by Prop. 2), referred to below as the "original invocation". If a lUIP 
variable is never encountered, the claim is proven. Let Vd be the first variable, 
discovered to be a lUIP variable. Let SSS be at the point of making the decision 
Vd '■— o'd, such that after flipping Vd and backtracking, Vd becomes a lUIP 
variable. We show that there exists an "updated" SSS invocation of the same 
size, where the lUIP-based CDB is not made at this point. Iterative applications 
of this principle result in receiving an SSS invocation, such that the condition 
for making a lUIP-based CDB never holds; hence it can serve as an SSS with 
lUIP-based CDB invocation of the same size as the original SSS invocation. 
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Let g < d he the highest left decision level. The backtracking clause 
CNewPareni docs not Contain any literal assigned after g by definition of the 
lUIP-based CDB. Thus, Cparent(d) must contain at least one variable assigned 
after level g — I, since otherwise g would be an obsolete decision; thus there 
would exist an invocation with fewer decisions than any shortest one. 

We claim that it is sufficient to make the decision V4 := -1(74 first. Explore the 
relevant (previously right) subtree of the original invocation; then flip the value 
of Vd and explore the relevant (previously left) subtree of the original invocation 
to eliminate the situation when Vd becomes a lUIP variable. We ensure that new 
lUIP variables are not created, the validity of the invocation is preserved and 
the number of decisions remains the same. 

Suppose that the updated invocation has decided Vd ■= -'<Jd- A lUIP-based 
CDB cannot happen before flipping Vd and backtracking to d in the updated in- 
vocation, since Vd is the first lUIP variable, discovered by the original invocation 
by construction. The clause CNewParent will be generated as the parent clause 
for d. After the flip, the left subtree of the original invocation under Vd := Cd 
is explored. The newly generated resolvent clause C {4,, w Parent' is identical to 
Cparentid) of the Original invocation; thus it must contain at least one variable, 
assigned after g — 1. Hence, no lUIP-based CDB is made at this point at present. 
The generated resolvent clause after backtracking beyond d is exactly the same 
in the original and updated invocations. Making the same decisions as in the 
original invocation from this point on will result in a valid SSS invocation with 
the same number of decisions. □ 

4.5 The Power of a SAT Solver without Conflict Clause Recording 

Finally, we have that DLL is at least as strong as Algorithm 1 with Boolean Con- 
straint Propagation, Non-Chronological Backtracking and lUIP-based Conflict- 
Directed Backjumping. 

Proposition 7. DLL < SSS + BCP, lUIP-based CDB, NCB. 

Proof. Any invocation of SSS with BCP, lUIP-based CDB and NCB produces 
a TLR refutation, whose size is at most the number of decisions. □ 

5 A Modern SAT Solver Algorithm 

To complete the picture of transforming Total Assignment Enumeration into a 
modern SAT solver, we need to define Conflict Clause Recording in our termi- 
nology. Conflict Clause Recording (CCR) is an enhancement of DLL, allowing 
the algorithm to use some or all of the resolvent clauses for conflict identification 
(and propagation, if BCP is used). These clauses are called conflict clauses. A 
similar approach to CCR was used in [15,20]; however the literature on practi- 
cal SAT solver design [17, 10,22] uses an implication graph-based approach [24]. 
Our framework detaches CCR from other algorithms related to conflict analy- 
sis, such as Conflict-Directed Backjumping. For example, one can implement an 
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algorithm using a lUIP-based CDB, but without recording conflict clauses at 
all. With CCR, Algorithm 1 will still terminate with a valid complete resolution 
refutation; however, the refutation is no longer guaranteed to be tree-like. To 
turn Algorithm 1 into an algorithm that implements Chaff's scheme for CCR, 
it is sufficient to allow it to use all parent clauses for conflict identification: 

Parent-based Conflict Clause Recording (invoked just before line 21) 

if LRStatus{d) = L and v^"^"^ G CNewParent then 
Instance := Instance U {NewParent} 
lUIP-based CDB, NCB and Parent-based CCR with BCP constitute Chaff's 
conflict analysis engine exactly. The most modern SAT solvers, such as Min- 
isat [10] , use this scheme, optionally enhanced by minimization [10] . A summary 
of steps that should be carried out to implement a modern SAT solver is provided 
in the conclusion. 

6 Conclusions 

We have proposed a new framework for presenting and analyzing the func- 
tionality of a modern DLL-based SAT solver. We described the following en- 
hancements to the DLL algorithm: (1) Parent clause maintenance; (2) Boolean 
Constraint Propagation; (3) Non-Chronological Backtracking; (4) lUIP-based 
Conflict-Directed Backjumping; (5) Parent-based Conflict Clause Recording. 
The above-mentioned algorithms are not interrelated in our approach. We ex- 
ploited the inherent interrelation between backtracking and resolution not using 
the notion of implication graph. We demonstrated that DLL with lUIP-based 
CDB, DLL with NCB, plain DLL and TLR are equally strong, and provided 
a family of formulas, whose shortest refutation in DLL with BCP is linearly 
longer than in DLL. We have also shown that parent clause maintenance, NCB, 
lUIP-based CDB and BCP do make DLL stronger. We related the concept of 
search pruning to the size of the resolution refutation, derived by the algorithm, 
and pointed to the contribution of various algorithm to search pruning. 

The following is a suggestion how to implement a modern SAT solver: (1) 
Implement Algorithm 1 with Non-Chronological Backtracking (Sect. 4.3), lUIP- 
based Conflict-Directed Backjumping (Sect. 4.4), Parent-based Conflict Clause 
Recording (Sect. 5) and Boolean Constraint Propagation (Sect. 4.2), using mod- 
ern data structures [3]; (2) use a modern restart strategy, such as [23], and 
decision heuristic [7] . In the formal verification domain, use local conflict clause 
recording [8] and the implementation in [12] of decision stack shrinking [18]; (3) 
use an efficient preprocessor before embarking on the search [9]. 

The present work can serve as a basis for a future work on both the inference 
power of a modern SAT solver and on the practical SAT solver design. 
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